Hamid Talebi

Profile Permanent Resident and an IT engineer with 10 years’ experience, highly motivated and results-driven team player who thrives on challenges, responsibility, problem-solving and working with creative people to achieve exceptional business outcomes. Summary of Qualifications

• Knowledge of programming languages such as python, c++, Java and ASP.net • Experience working with Cisco ISE, Umbrella, SMA and Thread Grid • Experience working with SIEM software such as Qradar IBM,FortiSIEM, Splunk, ArcSight • Experience working with different types of network devices such as Cisco, Mikrotik, HP • Deep understanding of routing & switching technology in cisco devices(OSPF, EIGRP, BGP) • Deep understanding of such as Fortigate, Firepower, Juniper, Palo Alto and open-source firewall such Untangle, pfSense, IPFire, • Experience working with virtualization technologies such as VMware and Hyper-V • Knowledge of administration of different OS such as , Windows Servers, Mac • Knowledge of implementing different services through Windows such as DNS, DHCP, Active Directory, VPN, Exchange, IIS, RAS, Group Policy • Excellent at configuring NAS, SAN storage system for backup • Designing and implementing HoneynetProject in the Atlantic of Canada Certificates • Azure Security Associate – Microsoft – ( May 2021) • CEHv11- EC-Council-( April 2021) • NSE7(Network Security Architect)- - (Feb 2021) • Devnet Associate- Cisco-( Feb 2021) • PCCET- Palo Alto – (Nov 2020) • PCNSE- Palo Alto – (July 2020) • Cybersecurity Essentials- Palo Alto- (June 2020) • NSE5(FortiSIEM 5.2- FortiManager 6.2) Fortinet-(June 2020) • NSE4(FortiOS 6.0)(Network Security Professional)-Fortinet-(June 2019) • CMNO(Certified Meraki Network Operator)- Cisco-(March 2019) • FortiSIEM & Advance Parser- Fortinet-(Feb 2019) • ACE & PSE datacenter – Palo Alto – ( Nov 2018) • AWS Security Fundamental – Amazon – ( Sep 2018) • CCNP Routing & Switching –Cisco –(Sep 2018) • CCNA Routing and Switching – Cisco- (March 2018) • LPIC1 (Linux Professional Certification Program) - LPI (Jan 2018) -License LPI000347422 • MCITP (Microsoft Certified IT Professional) - CyberTech Institute (2008-2009) • ACS (Australian Computer Society Inc.) (Dec 2013) Present License Accredible-53156305487 • Security Screening(Reliability Status) Hardware Environment HP (PROLIANT G7, G8, DL380 G9), Dell PowerEdge(R530-R730), Cisco (2600, 3600, 3700,1800, 1900, 2800, 2900, 3850, 3900 Routers), Mikrotik RouterBoard (211UiAS, hEX lite, RB260GS, SXT Lite5), Raspberry PI3, NAS SnapServer E2000, SAN EMC VNX 5800, IBM Storewize V5030, Juniper Firewall SRX345, FortiGate (3240C, 100D), G-TAP Gigamon, PAN OS 8.1, Cisco ASA 5506-5508 Software Environment & Protocols Windows Server (2003 ,2008, 2012, 2016), Linux (Ubuntu 16.x, Mint 18.x, Debian 9.0.1, CentOS 7, Redhat 7, openmediavault), VMware 10, Wireshark, Office 365 Exchange Email and anti-spam protection, Elastix 5.0 VOIP, MS SQL Server(2000, 2005, 2008, 2012), CMS(WordPress 4.8, Joomla 3.7.x), Acronis 2016, Page | 1 Hamid Talebi

Antivirus(Symantec, Panda and McAfee), DNS, DHCP, IIS 7-8-8.5, WSUS, Remote App, RAS, Group Policy, SMTP, IMAP, POP3, NAT, RIP, EIGRP, OSPF, HSRP, VRRP, VLAN, Trunking, VTP, STP, GLBP, Ether Channel, Zone Based Firewalling/IOS, IPsec VPN, SSL, VPN, L2TP VPN, , PRTG Network Monitor V15.3.19, IBM Qradar, Nessus, Ziften, Untangle 13.0, Bro Network Security, Honeynet, CSS, ASP.NET, Microsoft Visio

Work Experience BCIT (Oct 2019- Now) Role: CISA Faculty Main Responsibility:

- Enterprise and Advanced Network Security(Cisco- Palo Alto- FortiGate- Splunk) - Network Programming with Python - CyberOps

Bell (Oct 2018- Oct 2019) Role: Security Consultant Main Responsibility: Developing and implementing security practices; responsible for delivery of security services to the business and assisting in the development of client security architecture

Key Accomplishments: Project 1 – Liquor Control Board (Nov 2018) - Review existing configuration on ASA perimeter at Head Office and backup site. - Determine any impacts to connected DMZ networks - Assist in cutover – field any issues with the ASA pairs - Assist in cutover Blue Coat Proxy - Available following the cutover to field issues with ASA pairs - Provide any observations or recommendations for input into next infrastructure update - Cisco ISE Configuration for the network Project 2 – Workers’ Compensation Board (Nov 2018) - Configuring ISR 4331 based on previous configuration - Review existing configuration - Installing purchased security license - Create a zone-based firewall based on CBAC configuration - Create an Anti-DDOS Policy - Available following the cutover to field issues with ISR Project 3 – Union (Dec 2018) - Converting SonicWALL firewall to ASA Firepower 5508 - Installing license for VPN - Connecting users through SSL VPN(Any Connect) - Installing Layer 5-7 inspection - Activate Botnet filtering - Thread Grid and SMA configuration Project 4 – Workers’ Compensation Board (Feb 2019-March 2019) - Tuning and Configuring ArcSight - Connect Flex Connector to SQL Server Page | 2 Hamid Talebi

- Define parameters and triggers in the SQL Server for different events and connect these events through Flex Connector to ArcSight Console Project 5 – Electric Power Agency (March 2019-April 2019) - Changing service-based policy to application-based policy - Working with Expedition tools to detect application Project 6 – Electric Power Agency (April 2019-May 2019) - Review current endpoint protection environment, including licensing current state - Identify and categorize endpoint protection Needs, Wants, and Nice-to-Haves Project 7 – CANARIE (April 2019-August 2019) - FortiSIEM installation (worker, supervisor and collector) (SOC TEAM) - Configure devices to push\pull data to\from FortiSIEM. - Create documentation using existing documentation but also adding custom requirements - Configure devices on customer network such as Linux Server 6.9, Firewall Sophos, Router Juniper MX480, Router Juniper MX10003, Switch Juniper - EX2200, CMDB Server

Canadian Institute for Cybersecurity | UNB (Sep 2017- Oct 2018) The Canadian Institute for Cybersecurity (CIC) is a comprehensive multidisciplinary training, research and development, and entrepreneurial unit that draws on the expertise of researchers in the social sciences, business, computer science, engineering, law and science. Employees: 52 Team Size:10 Reason for leaving job: Got offer from Bell. I was working part-time with them. Role: Senior System Administrator Main Responsibility: Planning, Installing and supporting network security on network

Key Accomplishments:

− Implement virtualization technology with ESX 6.5 and put machines in different Vlans − Running several services with different OS such as Redhat, Centos7 , Ubuntu, Mint, Windows 7,8,10,2012,2016 in the network − Configuring router on-stick, define different access-list on the router and define a SPAN port for capturing and analyzing the traffic − Configure VTP, port security, access-list, SNMPV3, NetFlow V9, Private Vlans, dynamic routing (EIGRP-OSPF), NAT on different Cisco devices(3850 Switches- 4300 routers) − Configuring the firewall (Fortinet D100) policy on the edge of network − Define the Active Directory in windows server 2016, 2012 and implement a sustainable network − Monitoring system by defining SNMPv3 on different devices and connect sensors to PRTG − Implement a honeynet in CIC from scratch with sophisticated technology (T-POT, Security Onion, Kippo …) and update the weekly report. Testing different firewall such as Untangle, Pfsene, and Net screen on the edge of honeynet − Working with Different projects in CIC and have an effective collaboration: • McCain Food: Security Consultant for Qradar and Consulting to implement Cisco ACI in the datacenter • Bell: System administrator of Dark Web project in Bell and consulting Bell to implement honeypot in the network. Writing bashscript that show real-time attack based on the Cowrie logs • IBM(Q1Lab): Installing and configuring the Qradar to connect different devices to get NetFlow and logs in the Qradar for development team • CANARIE: Capture huge flow traffic with Bro monitoring system by using GTAP and use CICFlowmeter to analyses data. This is collaborative project between CIC, UPEI and CANARIE Page | 3 Hamid Talebi

• CSE: Implement different attacks scenario over 500 AWS machines for Communications Security Establishment. Create a custom image (Windows 8, 10, 2012, 2016 – Kali - Ubuntu) on the AWS and run on 500 machines, capture each machine's log and data and save it on S3, capture attacks and finally label each attack with CICFlowMeter based on time of attack.

FTR CO (Sep 2010- Jun 2017) Raman IT Company provides IT support, both front-line and back-line, bespoke software solutions, systems design, programming, and consultancy for businesses who depend on IT for success. Employees: 500 Team Size:10 Reason for leaving job:Came to Canada Main Responsibility: Evaluate, monitor and enhance IT infrastructure and software with an emphasis on availability, reliability, scalability, security, data confidentiality and system integrity for different companies, which are listed: Thermal Power Plant Holding (Sep 2012- Jun 2017) Role: Senior Systems Administrator/Security Analyst Key Accomplishments: − Reengineered company’s systems setup, establishing automated server generation routines, optimizing system performance, installing upgrades/patches, establishing system monitoring and maintaining security protocols − Installation and operation of Active Directory Services for user management − Installation and operation of DNS, DHCP, DFS, WSUS, Remote App, Hyper-Streaming, Web Server IIS 7, VOIP(Elastix 5), VLAN(Cisco Switches 2960), VPN Server(L2TP), RBAC, Radius Server − Deploying and configuring Antivirus (Specially Cloud Panda and McAfee 2016) − Virtualization of HP servers by VMware ESX 6 to define different servers − Configure Juniper SRX345 and Untangle 13.0 in separate layers of company to decrease vulnerability − Define IPsec and security policy for different customers via Cisco and Mikrotik RouterBoard to increase security and data confidentiality − Support clients Mac and Linux OS

Renewable Energy and Energy Efficiency Organization (Sep 2010 – Sep 2012) Role: Systems Administrator Key Accomplishments: − Develop, administer, and maintain the overall system architecture for the REEEO network, servers − Implement Active Directory, DHCP, DNS, IIS and Group Policy in Windows Server 2012 − Design and implement virtualization technology with Hyper for different servers − Design and implement wireless connection (about 8km) between two buildings with IPsec protocol − Implement everyday backup using Acronis software − Implement, maintain, upgrade, and administer REEEO websites with ASP.net and MS SQL Server. This includes designing and maintaining the structure and layout of the websites and maintaining their contents − Install and maintain MacAfee Anti-virus

Page | 4 Hamid Talebi

FANAVA CO (Oct 2008- Sep 2010) Fanava is a number one service provider in Iran and they provide Internet services, wireless, … to customers. Employees: 1000 Team Size: 5 Reason for leaving job: Found better opportunity Role: Network Support Main Responsibility: Provided strategic planning and project leadership over systems migration, configuration, administration, upgrades and troubleshooting initiatives Key Accomplishments: − Directed the implementation and performance tuning of Windows 2003 − Built new file servers to maximize Web hosting, terminal server, file/print sharing and domain- control performance − Install and configure Exchange 2007 and update to Exchange 2010 − Resolved a history of problematic network failure by troubleshooting LAN/WAN connections between multiple stores for a regional retail chain − Stabilized, expanded and protected client network and PC environment − Used and Stored Data on NAS (SnapServer E2000) to backup data − Managed data banks through MS SQL Server 2000

Education Provincial Instructor Diploma Program (PIDP) Diploma (April 2020) Iran University of Science and Technology (IUST) (2008-2010) Master of Science in Network Security-WES accredited equivalent: Master (2 years) Azad University (2003-2007) Bachelor of Science in IT Engineering -WES accredited equivalent: Bachelor (4 years)

Page | 5